LINUX FOR MACS
A company called LinuxPPC is unveiling its version of the Linux
operating system that runs on the Macintosh PowerPC platform. The
LinuxPPC 5.0 software will be available for downloading free on the
Internet, and an expanded CD version, which includes development
tools, AppleShare integration and other features, will be sold for
$32. A full version bundled with Applix's ApplixWare will be available
for $125. Once LinuxPPC is loaded onto a PowerPC machine, it can run
either Mac OSX or LinuxPPC, a feature that may add to its popularity.
"A lot of people are looking for an alternative operating system,"
says the director of product management for Applix.
(TechWeb 7 Jan 98)

A CALL TO ACTION AGAINST WASSENAAR
The following is a message posted by John Gilmore to many
security-related sites recently about pending sanctions against
cryptographic software:

The US Wassenaar initiative is an attempt to deny the public not only
all future strong crypto developments, but all existing ones. As
today's message from Denmark makes clear, the freedom-hating
bureaucrats are threatening to prosecute a citizen merely for
publishing PGP on his web page.

Let's at least ensure that they don't eliminate *today's* strong
crypto, by replicating crypto archives behind each Berlin Wall they
threaten to erect. Today we depend on a small number of archives (in
a small number of countries) containing source and binaries for PGP,
SSH, Kerberos, cryptoMozilla, IPSEC, and many other useful crypto
tools that we use daily.

Let's replicate these archives in many countries. I call for
volunteers in each country, at each university or crypto-aware
organization, to download crypto tools while they can still be
exported from where they are, and then to offer them for export from
your own site and your own country as long as it's legal. (The
Wassenaar agreement is not a law; each country has merely agreed to
try to change its own laws, but that process has not yet started.)

And if at some future moment your own government makes it illegal for
you to publish these tools, after all your appeals are denied, all the
pro-bono court cases rejected, and all the newspaper coverage you can
get has been printed, then restrict your web site so that only your
own citizens can get the tools. That'll still be better than the
citizens of your country having NO access to the tools of privacy!

(I suggest putting these tools on a Web site on a machine that you
own, rather than on a web site where you buy space from someone else.
That way there'll be nobody for the freedom-squashers to threaten
except you.)

I'm sure that John Young's excellent http://jya.com site will be happy
to provide an index of crypto archives around the world, if people
will send him notices at jya@pipeline.com as your sites come up.
(Each archive should locally mirror this list, so that we won't depend
on a single site.)

Rather than having their desired effect of squelching crypto
distribution, perhaps their overbold move can inspire us to increase
strong crypto distribution tenfold, by making it clear to the public
that if you don't keep a copy on your own hard drive, the governments
of the world will be merciless in scheming to deny you access to it.
And if crypto developers have to publish on books, or rely on
smugglers to get crypto from country to country, then at least each
country will have its distribution arrangements already ready for when
the book is scanned or the smuggler arrives.

Hey there,
I would just like to comment on the proxy story below, that contrary
to common belief most proxies won't make you "anonymous". The much
used Squid proxy for instance will (by default, it can be turned off)
add a line to each HTTP request you do containing your real IP
address. A fast way to check would be to run your own webserver,
create a (cgi-bin or other) script which displays the
HTTP_X_FORWARDED_FOR environment variable, and access your own script
through the proxy. An empty response will most likely mean the proxy
can be used for "anonymous" use. (Beware that the above variable is
used by Squid and not necessarily others. You might want to display
ALL variables and see if your IP/hostname shows up somewhere.) You
were probably already aware of this; just thought it might be useful
for others. Not sure if it has been mentioned before either, I'm not
on the list that long.

Keep up the good and happy work,
NiElS

> You have a browser configured to access a web proxy. You send a
> request for a web page, and the proxy services it...the proxy
> sends the request to the target. Now, the target sees a request
> coming from the proxy...which has a different IP address than
> yours. The proxy then forwards the response to you...
>
> Step 1. Issuing the request.
>
>   [u.u.u.u] --> [p.p.p.p]
>      You          Proxy
>
> Step 2. The proxy forwards the request.
>
>   [p.p.p.p] --> [t.t.t.t]
>     Proxy         Target
>
> **To the target, the request is coming from IP "p.p.p.p"
>
> Step 3. The response is sent to the Proxy
>
>   [p.p.p.p] <-- [t.t.t.t]
>     Proxy         Target
>
> Step 4. You get the response from the Proxy.
>
>   [u.u.u.u] <-- [p.p.p.p]
>      You          Proxy
>
> Now, the same is true when you use telnet and a shell account or
> two. You mask the IP address of the computer you are sitting at
> by telnetting to one or more shell accounts and then telnetting to
> the final target. This uses the same principle as was described
> above.
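
[Added example, not part of the original letters: one way to write the
check described above as a CGI program that scans ALL request variables
for your own address instead of only HTTP_X_FORWARDED_FOR. The address
in MY_REAL_IP and the function names are assumptions made for this
sketch.]

```c
/* Added example (not from the digest): a CGI program that reports which
   request variables expose the tester's own address through a proxy. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MY_REAL_IP "192.0.2.7"  /* assumption: replace with your own address */

extern char **environ;

/* 1 if `ip` appears in `s` as a whole dotted address, so 192.0.2.7
   does not match inside 192.0.2.77 or 1192.0.2.7. */
int contains_ip(const char *s, const char *ip)
{
    size_t n = strlen(ip);
    const char *p = s;
    if (n == 0) return 0;
    while ((p = strstr(p, ip)) != NULL) {
        int left_ok = (p == s) ||
            !(isdigit((unsigned char)p[-1]) || p[-1] == '.');
        int right_ok = !(isdigit((unsigned char)p[n]) ||
            (p[n] == '.' && isdigit((unsigned char)p[n + 1])));
        if (left_ok && right_ok) return 1;
        p++;
    }
    return 0;
}

/* Store up to `max` "NAME=value" entries whose value contains `ip`
   in `out`; the return value is the total number of leaking entries. */
int find_ip_leaks(char *const env[], const char *ip,
                  const char *out[], int max)
{
    int found = 0;
    for (int i = 0; env[i] != NULL; i++) {
        const char *eq = strchr(env[i], '=');
        if (eq != NULL && contains_ip(eq + 1, ip)) {
            if (found < max) out[found] = env[i];
            found++;
        }
    }
    return found;
}

int main(void)
{
    const char *leaks[32];
    int n = find_ip_leaks(environ, MY_REAL_IP, leaks, 32);
    printf("Content-Type: text/plain\r\n\r\n");
    if (n == 0) printf("No request variable contains %s\n", MY_REAL_IP);
    for (int i = 0; i < n && i < 32; i++) printf("LEAK %s\n", leaks[i]);
    return 0;
}
```

[If REMOTE_ADDR itself is reported, the request reached the server
directly and did not pass through the proxy at all.]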

http://netscan.org has the first (relatively) complete database of
ICMP directed broadcast networks ("smurf amplifiers"). All allocated
IP addresses ending in .0 or .255 have been pinged and measured, so
it's complete short of pinging the whole 'Net.
It's queryable by IP address/subnet/broadcast (same output) and a list
of the worst 1024 networks, rescanned this morning, is available.
We're hoping netscan.org will get enough publicity that admins will be
pressured - both by user comments and bandwidth limitations - to fix
their router configurations.

First, the fan-boy stuff: I really enjoy HH, both the mailing list
and the website. You guys are great!

Now, on with my suggestion:
I'd like very much if you would put some "Linux hacking for newbies"
info together. The basics, you know? It feels like all the info "out
there" is for *nix experts, and people like me, who have just
installed Linux, don't have a really good starting point...

Anything would be great! :)

Regards,
Frode Egeland

[Ed- Check the Basic UNIX Commands section below for some Linux
commands to play with. Or, feel free to check
http://members.xoom.com/finite2/dw0rd/techbib.txt for some info
about beginning hacking. I haven't read the whole thing, but what
I've seen so far is pretty decent.]

>Where are the shadowed passwords on an AIX 4 system placed? And,
>how do you interpret what appears to be two different tokens in the
>password field (two shadow files maybe?!?)?
>Thanks for your help...
Hello. AIX shadowed passwords are kept in /etc/security/passwd,
which can only be gotten to as root. You cannot even cd to
/etc/security unless you have root on the box. On my AIX 4.2
(RISC/6000) system, there is only one token in /etc/passwd that I can
see. Hope this helps...

Hey... I've looked around and I've found probably the best shell for
$10.00. It is the Legion Of Doom's, at www.lod.com. SSH, bitchx, irc,
anonymity, compiler access. Also...... considering it's THE Legion Of
Doom I don't think they mind you *playin* from the box.

Hey Carolyn, if you want, you can tell your readers about this great
program that totally eliminates the risk of back orifice. It is
really cool, and if your readers use it, they would never have to
worry about getting it, and I won't have to waste my time reading
$%&@*)# 500 articles every week from some dumbass who just found out
his pc had BO. The program I speak of is called linux. Yea, linux,
the OS.

anonymous

(seriously, ever since BO was released, there hasn't been one digest
that went without mentioning it)

[Ed- And now there will be another one. ;) After this, though, I
don't anticipate seeing Back Orifice again. This IS a UNIX digest
after all.]

Patrick Gilbert <gilbert@pgci.ca> Posted to Bugtraq:
(Bugtraq archives can be found at www.geek-girl.com/bugtraq)

Like many system administrators, paranoia comes as a sixth sense.
They don't like their networks prodded or probed by outsiders; this
would be like bursting in their office while they are taking their
coffee and groping them.

So, after having my fun with nmap-2.00, I decided to conjure
something that will monitor for this type of network reconnaissance.

The monitor works with tcpdump, and perl provides flexibility. Feel
free to improve on it, and mail me a copy. You must provide the
network to monitor and ports to exclude and you can also add filters
for larger networks.

Here are a few suspicious packets it looks out for, with added
features you can read about and grab the source at
http://www.pgci.ca/syn.html

I am still a newbie at Unix and was wondering if you could help me
with FreeBSD or Linux. I am currently making an effort to get FreeBSD
2.2.8 and RedHat Linux but I am running into problems because I don't
know what I'm supposed to have and what I am not in reference to files
and/or directories in each of the two programs. I have looked around
on the net but all I got was installation instructions and FAQs and
the Linux HOWTOs but they don't tell me how I'll know that I have a
complete system or not. Can you help? If not do you know where I can
get help? Lastly, if you can't help with these and can with another
flavour of unix then that would be helpful too.
FAIZAL@MEGA.BW
Thanx a Tonne

[Ed- There's really no such thing as a "complete" system. Depending on
what you plan on doing, you'll need different programs. For example,
if you plan on coding in C++, you'll need the g++ compiler or
something that can take its place. If you want Xwindows, then you'll
have to install that. It's like a big picnic with lots of food. Take
what you want, and leave the rest to others. So try to figure out what
you want to do with your computer and dig up the packages you want.]

This is my first time e-mailing you on happy hacker. I've read it for
a long time though :) and it is very good. I have a question about IRC
when I am using Linux 2.0.34 and BitchX75p1. I need to masquerade (?)
my hostname in BitchX as I am being attacked very often by DoS. I do
not know how this works, and if I could do it I would be grateful.

Hi I was wondering - I've read lots of tricks & such for unix, but the
main thing is, it never informs you of how to get your program on the
remote machine. Could you please tell me how to open editors & upload
& such to unix systems. Please respond ASAP, thank you.

[Ed- There are two different kinds of exploits. Remote and local. To
use a local exploit, you need access to a shell account on the
computer. A remote exploit can be performed from any computer on the
internet (assuming the target computer is connected too)]

I know that you get a lot of questions from beginners but this one
will be short and sweet. The last computer that I had was a Tandy 80
I now have this good multimedia system with decent software. My
problem is that I am lost in the information age. What I want to know
is one good basic starting point? I understand that reading is the
basis but when I start on one subject the info quickly leads me to
something else.

[Ed- That's the best way to go, studying where your interest leads
you]

All I am looking for is what to start on I can do the digging from
there? The idea of hacking intrigues me and I believe it is something
that I must pursue. Not for malicious purposes but let's face it
computers are still young and the ones that understand them the best
will be the ones that survive the best.
thanks
pino (halapino@hotmail.com)

Carolyn:
Recently I was reading one of the back issues of the Happy Hacker
Digest. In it, someone asked how to get rid of the LILO master boot
loader. Your answer was to type fdisk /mbr at the dos prompt. After I
read this I did the same. What I forgot was that I did not have a
Linux (Red Hat 5.1) boot disk. So then, I decided to reinstall Linux
to get the Boot disk. When I did so, every time when I get to the
actual installation part, after a little while, I get error messages
saying that I had no more room, but in reality, I had hundreds of
megabytes free. Is it because that I need to delete everything in the
Linux partition before I start? Please reply, I am in really big
trouble and I don't think I can get out of it alone.
Thanks in advance

[Ed- Before you install, you'll probably need to reformat the old
Linux partition and _then_ reinstall your files. This is part of the
installation process in Debian Linux, but I'm not quite sure about
Red Hat in particular.]

I just recently set up a linux box at work. I am looking for a good
website to answer my questions as they come up. I have a couple books
on the subject but occasionally I still can't find what I'm looking
for. Do you have any recommendations for such a web site?
TIA
---------------------------------------------
Jim Fielder
bigjim@softcom.net
www.softcom.net/users/bigjim

Dear Sir:
Happy new Year!
I am an engineering student in China. Now I encountered a question
about C language.
I downloaded some source code and want to compile it under solaris
2.5 and there is one line that cc gives me the error:

u_long get_sp(void)
{
_asm_(mov %sp,%i0);
}

Here the function get_sp wants to get the value of sp - it uses
embedded asm, but the function wants a return value while in the
function there's no return. So the cc compiler gives the error that
get_sp must specify a return value and exits the compiling process.
I do not know what to do because almost all the overflow source code
is written in this way. So would you please tell me how to solve this
problem? Your help will be greatly appreciated!
Thank you very much!
seascene

[Ed- Not ever having used inline assembly, (yes, bad me) I had to
resort to asking a friend of mine who'd know a bit better. Here's
what he had to say:

I will assume that the mov is copying a value to the place where it
would be returned, yes? Then I can say that the compiler isn't
recognizing it as a return; there's no actual return statement.
Make a temp variable, mov into the variable, and return the
variable.]
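
[Added example, not the reader's downloaded source and not code from
the digest: the temp-variable approach from the reply above, written
with GCC/Clang extended asm. It assumes one of those compilers rather
than the Solaris cc, spells u_long as unsigned long, and adds branches
for other CPUs beside the SPARC mov from the question; sp_is_near is a
hypothetical helper used only to sanity-check the result.]

```c
/* Added example: move the stack pointer into a named temporary and hand
   it back with an ordinary return statement. */
#include <stdio.h>

unsigned long get_sp(void)
{
    unsigned long sp;   /* the temp variable suggested in the reply */
#if defined(__sparc__)
    __asm__ volatile ("mov %%sp, %0" : "=r" (sp));   /* the SPARC case */
#elif defined(__x86_64__)
    __asm__ volatile ("movq %%rsp, %0" : "=r" (sp));
#elif defined(__i386__)
    __asm__ volatile ("movl %%esp, %0" : "=r" (sp));
#elif defined(__aarch64__)
    __asm__ volatile ("mov %0, sp" : "=r" (sp));
#else
    /* No asm written for this CPU: fall back to a compiler builtin. */
    sp = (unsigned long) __builtin_frame_address(0);
#endif
    return sp;          /* an explicit return, so the compiler is satisfied */
}

/* Sanity check: the value must lie close to a local variable of the
   caller, since both live on the same stack. Returns 1 if within 1 MiB. */
int sp_is_near(const void *local)
{
    unsigned long a = (unsigned long) local;
    unsigned long sp = get_sp();
    unsigned long gap = a > sp ? a - sp : sp - a;
    return gap < 1024UL * 1024UL;
}

int main(void)
{
    int probe = 0;
    printf("sp = 0x%lx, near a local: %d\n", get_sp(), sp_is_near(&probe));
    return probe;
}
```

[The "=r" output constraint lets the compiler choose the register, so
the function no longer depends on %i0 happening to be where the return
value is read from.]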

Please help me. I am having trouble getting help setting up my linux.
I actually was refused help from their support line. I can't seem to
get my modem running. Please help.

[Ed- Please be a lot more specific in your submissions. What type of
Linux? What modem? What version? As for the support line, I'm
assuming you're using Red Hat or some other commercial brand, and
never actually paid for the product. That's probably why you got
refused.]

[Ed- I thought it'd be appropriate if I'd give a little overview of
some basic UNIX commands to those newbies out there. Some of this
stuff has been covered already, but I don't see why I couldn't go over
it again as I've gotten a few mails asking how to do basic things.
Enjoy, and feel free to send me any questions, comments or
suggestions. Man pages are great fun - for extra info on any of these,
type "man ls" or whichever one you're interested in (without the
quotes)]

cat - concatenate files and print on the standard output

cat readme.txt
-This will just spit out the contents of readme.txt to your screen.

ls - list contents of directories

ls -al /etc
-This will show all (a) files and subdirectories in the directory /etc
-in long (l) format

cd - change working directory

cd /usr/bin
-This will change your current directory to /usr/bin

pwd - print name of current/working directory

passwd - change login password and password attributes

mkdir - make directories

mkdir priv
-This makes a subdirectory named priv in the current directory

rmdir - remove empty directories

rm - remove files

rm -i *.txt
-This removes all files ending in .txt and prompts you for each one

ps - report process status

ps -A
-This prints out a listing of ALL processes running

df - summarizes free disk space

ln - make links between files

ln -s /etc/passwd /home/coder/readme.txt
-This makes a link from /home/coder/readme.txt to /etc/passwd
-Basically, readme.txt just points to /etc/passwd and acts like
-it in most ways.

pico - simple text editor in the style of the Pine Composer

pico index.html
-This brings up the file index.html in a very straightforward editor

pine - a Program for Internet News and Email

ftp - file transfer program

telnet - user interface to a remote system

telnet koan.happyhacker.org 80
-This will try to connect to port 80 on the wargame computer koan

lynx - a text-based web browser

nslookup - find IP addresses for hostnames, and vice versa

nslookup ftp.microsoft.com
-This will return the dotted IP address of ftp.microsoft.com, which
-happens to be 198.105.232.1

ping - send "are you alive" packets to network hosts

ping koan.happyhacker.org
-This will (most of the time) tell you if koan is alive on the
-network and how long it takes for information to reach it. Press
-CTRL-C to quit pinging, if it is doing it repeatedly.

who - show who is logged on

finger - display information about local and remote users

finger root
-This will display information about root on your local computer

[Ed- Again, I highly encourage you to read the man pages on these
commands. Please note these are not even close to all of the
commands available to you. And please don't complain "why didn't
you mention this one"...I picked some out of the blue. If you
want more information about a particular command, by all means
ask, though :)]

First off, I'd like to say that I'm very grateful to Carolyn for
letting me take over as the new editor of the Happy Hacker Unix
Digest. Hopefully I can contribute as much as the rest of you do, and
help to answer questions you may have. I'm very open to (constructive)
criticism from anyone willing to give it. And thanks to all of you for
keeping this alive for so long. I've been a subscriber since 1996 (I
think) and it's good to see so much interest out there.

This is a list devoted to *legal* hacking! If you plan to use any
information in this Digest or at our Web site to commit crime, go
away! Foo on you! Don't email us bragging about any crimes you may
have committed. We mean it.